Wireless Lans, based on the 802.11 standard, are one of the fastest-growing networking technologies, due to their low cost and ease of configuration.
They offer companies the ability to save money and at the same time allow employees to effortlessly move around a building without being bound by the wires traditionally associated with Ethernet networks. But organisations are rapidly deploying WLans without taking all of the associated security risks into consideration.
The convenience of a WLan setup is also its biggest security weakness, with most boxed WLan products being shipped without enabled security features. And even Wired Equivalent Privacy (Wep), the default security protocol in a WLan, has been proven to be vulnerable to simple attacks.
Some network administrators perhaps think that no one outside the office will know or care that they have a WLan operating on the premises, and therefore implement their's with insufficient security, hoping the location and limited range of transmission will prevent unauthorised intrusions.
But the practice of 'War chalking', which has received widespread publicity recently, shows there is a growing group of people eager to find out which organisations are using WLans.
War chalkers use chalk marks on pavements and walls to expose the existence of free WLan networks. In doing so they expose networks to anyone from bandwidth freeloaders, or hitch-hackers, to potential malicious hackers. While any unauthorised use of bandwidth is not to be condoned, the most worrying abuse is that of hackers.
Insecure networks can be used by hackers to connect to the internet and conduct virtually undetectable attacks. This could potentially leave the 'host' company liable for any damage caused, leaving its reputation in tatters and its pockets considerably lighter. All a hacker needs to do is be within transmission range with a laptop, a wireless access card and the right tools that are freely available from the internet.
Often all the unauthorised user wants is some free internet access, but as the practice of war chalking becomes more common, it may mean that WLans will become a hacker's entry point of choice.
So how can organisations begin to secure their WLans? Possibly the most critical issue for network administrators is that they are able to strongly authenticate both who and what is attached to their network, and guarantee the privacy of the information residing on it.
It may be worth looking at what works elsewhere. Virtual Private Networks (VPNs) had similar security issues associated with them when they were first developed. VPN technology is now built using public key cryptography and VPNs are widely regarded as a secure way to transfer information. There is no reason why the same technology cannot be applied to secure WLans.
Through the use of integrity and encryption services it is possible to guarantee the security of systems and information by ensuring the data is not viewed by others and that it is not manipulated or redirected while it is in transit. Digital certificates enhance security by providing stronger authentication of network elements and more importantly allow you to enforce a comprehensive security management policy.
Organisations will always look for ways to conduct their business more efficiently and WLans are an excellent technology to help them to do this. But the threat of hackers should never be ignored - convenience should never come at the expense of security.
Richard Kinsella is a wireless network security specialist at Baltimore Technologies.
reader comments